Container security requires continuous security in new DevSecOps models

2020-01-22 06:30

When Jordan Liggitt at Google posted details of a serious Kubernetes vulnerability in November 2018, it was a wake-up call for security teams ignoring the risks that came with adopting a cloud-native infrastructure without putting security at the heart of the whole endeavor.

There has been the runc container exploit in February, which allowed a malicious container to overwrite the runc binary and gain root on the container host.

In many cases, container security will automatically detect and stop unusual binaries that are being exploited attempts to access the API from an application within a compromised container.

Metadata in Kubernetes, in the form of labels and annotations, is used for organizing and understanding the way containers are orchestrated, so leveraging this to gain security insight with automated detection and tagging is an important capability.

All of these dimensions of integration demand continuous security intelligence applied across the SDLC. Securing containers and orchestration, and more broadly the entire modern application stack, cannot suffer from the delays in both planning and production of connecting dozens of fragmented analytics tools.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/DjpSlhYmBbY/

#devsecops #security